package com.water.expert.extraction.controller;

import java.util.List;
import java.util.stream.Collectors;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import jakarta.servlet.http.HttpServletRequest;

@RestController
@RequestMapping("/admin")
public class AdminController {
    @GetMapping("/dashboard")
    // @PreAuthorize("hasRole('read')")
    @PreAuthorize("hasAuthority('ADMIN')")
    public String getAdminDashboard(HttpServletRequest request) {
        return "欢迎，管理员！";
    }
    
    @GetMapping("/permissions")
    @PreAuthorize("isAuthenticated()")  // 只允许已认证用户访问
    public List<String> getUserPermissions() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return authentication.getAuthorities().stream()
                .map(GrantedAuthority::getAuthority)
                .collect(Collectors.toList());
    }
}